General

  • Target: 5f06dd5222ad5f38c294c2a605d7a1ac_JaffaCakes118
  • Size: 406KB
  • Sample: 240520-pf3w4sbc5s
  • MD5: 5f06dd5222ad5f38c294c2a605d7a1ac
  • SHA1: 3852fff8fb9ac1a0dad431368c568e60aee40589
  • SHA256: 1d916a05e07aa61bb84504cd7cf70e920549dde98a3eafebfde3e13d3137df24
  • SHA512: 5b664878282689a9f898af90e59c3f3f06ce74503177874da4e58093b30c3a340870a9a94a0027d5f9f1a31b15733a73c5fc20c587a764df20f70ba94d50ec49
  • SSDEEP: 6144:MU/OLpMfjR6vtVIgyPFiChgkX7WOMeLpebnZgUe4A29pNwz:MU/OLCfmLqPACIeoFa4A29Dwz

Malware Config

Extracted

  • Family: icedid
  • C2: ldrruble.casa

Targets

    • Target: 5f06dd5222ad5f38c294c2a605d7a1ac_JaffaCakes118 (hashes and size as listed under General above)

    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.
    • IcedID First Stage Loader
    • Blocklisted process makes network request
